What to do when CA or certificate expires
-
Hello,
I have a few hundred users connecting to an OpenVPN running on my pfSense.
Just wondering, what would happen if the deployment lasts forever and I get close to the expiration date of the CA or user certificates?
Would there be a way to renew the CA or user certificates? Would there be a way to renew the CA or certificates if they did expire?
-
Hello,
I have a few hundred users connecting to an OpenVPN running on my pfSense.
Just wondering, what would happen if the deployment lasts forever and I get close to the expiration date of the CA or user certificates?
Would there be a way to renew the CA or user certificates? Would there be a way to renew the CA or certificates if they did expire?
Not sure I am understanding the question. My guess would be: if the certificates expire you will have to generate new ones and install them in the clients.
I'm sure I wrote something noobly stupid just now ;D
-
You'll have to re-issue certs to clients at that point.
-
Ok. My CA expires many years earlier than my user certificates expire. I'm assuming I'll have to reissue the certificates when my CA expires?